The Ministry of Defence (MINDEF) revealed it detected a breach in its I-net system (I-net) earlier this month. I-net provides Internet access to national servicemen and employees for their personal communications or Internet surfing using dedicated I-net computer terminals in MINDEF and Singapore Armed Forces (SAF) camps and premises.
A statement from the Ministry says no classified military information is stored on I-net. NRIC numbers, telephone numbers and dates of birth are required for I-net account management and these are stored on I-net. Classified matters in MINDEF/SAF use a different computer system with more stringent security features and are not connected to the Internet.
Upon detection, MINDEF disconnected the affected server from I-net. Immediate and detailed forensic investigations were conducted on the entire I-net to determine the extent of the breach. As a precaution even though no breach had been detected, all other computer systems within MINDEF/SAF are also being investigated.
Investigations revealed that basic personal data, comprising NRIC numbers, telephone numbers, and dates of birth of around 850 servicemen and employees was stolen from I-net. Investigations are ongoing. The attack on I-net appeared to be targeted and carefully planned. The real purpose may have been to gain access to official secrets, but this was prevented by the physical separation of I-net from our internal systems.
All affected personnel will be contacted within the week, according to a media release. They will be informed that personal data had been stolen and to change their passwords for other systems if these use any of the stolen information. They have also been advised to report any unusual activity related to the use of their personal information to MINDEF/SAF.
As Internet access is needed by national servicemen and employees while they are in camp, MINDEF/SAF will continue to provide access to our servicemen despite this incident. We will continually strengthen our cyber defenses as the level of targeted attacks is expected to continue and rise.
MINDEF has also informed the Cyber Security Agency and the Government Technology Agency of Singapore to investigate other Government systems. No breaches have been detected so far.
MINDEF apologizes for this breach and any inconvenience or harm caused to all affected servicemen.
Affected personnel with further queries may also contact MINDEF/SAF at 1800-367-6767 or IT_Helpdesk@defence.gov.sg.
According to Sanjay Aurora, Managing Director, Asia Pacific at security firm Darktrace, “MINDEF has rightly acknowledged that governments are an attractive target for stealthy cyber-attackers. New forms of attack are inconspicuous, dwelling in networks for weeks, or even months, moving laterally to find the ‘crown jewels,’ before sounding any alarms. This latest breach heralds the new era of ‘trust attacks,’ which aim to erode faith in the integrity of our data, and the public institutions who host it.
Aurora added that this latest high-profile breach will further ramp up the pressure for Singaporean organizations to adopt artificial intelligence (AI) and machine learning to automatically detect and respond to these inevitable threats, before data can be stolen or changed. “Although it appears that MINDEF has responded swiftly to this incident, the reality is that no human can keep up in this rapidly-evolving threat landscape. It is a cyber arms race and AI technology that self-learns what is ‘normal’ for a network and automatically identifies and takes action against abnormal behavior and genuine threats will be instrumental in safeguarding critical information and infrastructure,” he said.